Edge Encryption release notes

Edge Encryption release notes

Edge Encryption release notes

Edge Encryption product enhancements and
updates in the Geneva
release.

Activation information

The Edge Encryption plugin is available as a separate
subscription.

New in the Geneva
release

Organizations face the challenge and complexity to protect sensitive data within the ServiceNow platform. The Edge Encryption application provides customers
with an end-to-end native solution to manage the encryption of their data that helps them
solve challenges tied to sovereignty concerns, data loss prevention, and regulatory
compliance.

With Edge Encryption, the customers create and
control their encryption keys. Edge Encryption
is available as a proxy application that resides in a customer's network and encrypts data
before the data is sent over the Internet to the ServiceNow instance (encrypted
while in flight). The data remains encrypted while stored in the instance, (encrypted while
at rest). The encrypted data is sent back to the proxy application (encrypted while in
flight), and is decrypted by the proxy before being sent to the browser in the customer's
network.

The customer's security administrator specifies which fields are to be encrypted using the
Edge Encryption plugin. The customer's
security administrator can choose between Advanced Encryption Standard (AES) 128 or 256
encryption algorithms. Attachments can be encrypted on a table-by-table basis. Depending on
the encryption type chosen for a field, certain levels of filtering, sorting, or compare
functionality can be configured.

On-premises proxy encrypts data to or from the ServiceNow platform
before going through SSL encrypted connection (encrypted while in flight.) Data
stored in the ServiceNow platform is
encrypted (encrypted at rest.)

Levels of data
encryption

Multiple options for encryption to support different levels of sorting or
filtering functionality. These options are standard, equality preserving, and
order preserving.

Encryption
jobs

Mass encryption and decryption to apply a key en mass to a table field or
attachment.

Encryption key rotation
support

Key rotation management to support replacing an existing encryption key with
a new key.

Rules to support custom applications

Rules engine to support the creation of encryption rules for custom
applications.

Monitoring
tools

Monitoring tools to troubleshoot and diagnose activity on the proxy
server.